package com.cloudpark.controller;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import com.cloudpark.common.util.Constants;
import com.cloudpark.common.util.MessageUtil;
import com.cloudpark.model.entity.Menu;

@Controller
public class LoginController extends BaseController {

    @RequestMapping(value = "/signin", method = RequestMethod.POST)
    @ResponseBody
    public String signin(HttpServletRequest request, HttpServletResponse response) {
        String result = "";
        // 获取用户名和密码
        String account = request.getParameter("account");
        String password = request.getParameter("password");
        try {
            if (StringUtils.isBlank(account)) {
                result = MessageUtil.error("用户名不能为空");
                return result;
            }
            if (StringUtils.isBlank(password)) {
                result = MessageUtil.error("密码不能为空");
                return result;
            }
            Subject subject = SecurityUtils.getSubject();
            UsernamePasswordToken token = new UsernamePasswordToken(account, DigestUtils.sha256Hex(password));
            try {
                subject.login(token);
                token.clear();
                result = MessageUtil.success("登录成功");
            } catch (UnknownAccountException ex) {
                result = MessageUtil.error("账号错误");
            } catch (IncorrectCredentialsException ex) {
                result = MessageUtil.error("密码错误");
            } catch (LockedAccountException ex) {
                result = MessageUtil.error("账号已被锁定，请与系统管理员联系");
            } catch (AuthenticationException ex) {
                result = MessageUtil.error("您没有授权");
            } catch (Exception ex) {
                result = MessageUtil.error("服务器忙!");
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return result;
    }

    @RequestMapping(value = "/signout", method = RequestMethod.GET)
    public void signout(HttpServletRequest request, HttpServletResponse response) {
        Subject subject = SecurityUtils.getSubject();
        if (subject.getSession() != null) {
            subject.logout();
        }
        String redirectUrl = Constants.baseUrl + "login";
        try {
            WebUtils.issueRedirect(request, response, redirectUrl);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public ModelAndView login(HttpServletRequest request, HttpServletResponse response) {
        ModelAndView mv = new ModelAndView("login.jsp");
        return mv;
    }

    @RequestMapping(value = "/home", method = RequestMethod.GET)
    public void home(HttpServletRequest request, HttpServletResponse response) {
        // ModelAndView mv = new ModelAndView("home.jsp");
        // initMenu(request, response);
        // return mv;
        Menu menu = initMenu(request, response);
        String url = Constants.baseUrl + menu.getUrl() + "?menuId=" + menu.getId();
        try {
            WebUtils.issueRedirect(request, response, url);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}
